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(57) ABSTRACT 

A method to send and r eceive d ata packets,over-a network-^ 
of computer systems (eJg., a plurality of virtual.locaLarea 
networks~[VLANs] compliant with the IEEE 802.1Q_/ 
rstandard),using a server computer system adapted to have a 
plurality of network interface cards (NICs) coupled thereto. 
An outgoing data packet is addressed using a first media 
access controP(MAC)y address, wherein the first MAC 
address is a virtual MAC address representing the plurality 
of NICs. A NIC is selected from the plurality of NICs using 
a load balancing scheme. The functionality of the selected 
NIC is verified using a fault tolerance scheme. The first 
MAC address in the outgoing data packet is replaced with a 
second MAC address, wherein the second MAC address 
represents the selected NIC. The outgoing data packet is 
then transmitted using the selected NIC. For an incoming 
data packet received at one of the plurality of NICs, the 
existing MAC address in the incoming data packet is 
replaced with the first MAC address. Thus, the present 
embodiment of the present invention provides a high per- 
formance method that supports multiple VLANs and 
elegantly combines a load balance scheme and a fault 
tolerance scheme into a software element implemented on a 
server computer system. 

27 Claims, 10 Drawing Sheets 



son 



| CLASS OF SERVICE «10 | 



GMRMOVRP/FIP fiU 



VLAN CLASSIFIER TAG fitf 



TRUMK DIRECTOR US 



[ LOAD BALANCE Hfl 



FAULT TOLERANCE Jjjfl 



VLAN TAOGEft 



8 ELECTED NIC J£J 



07/22/2004, EAST version: 1.4.1 



iiniiiiiiiiiiiiiiiini 

US006560229B1 

(12) United States Patent w Patent No,: us 6,560,229 bi 

Kadambi et aL (45) Date of Patent: May 6, 2003 



(54) NETWORK SWITCHING ARCHITECTURE 
WITH MULTIPLE TABLE 
SYNCHRONIZATION, AND FORWARDING 
OF BOTH IP AND IPX PACKETS 

(75) Inventors: Shiri Kadambi, Los Altos, CA (US); 

Shekhar Ambe, San Jose, CA (US) 

(73) Assignee: Broadcom Corporation, Irvine, CA 
(US) 

( * ) Notice: Subject to any disclaimer, the term of this 
patent is extended or adjusted under 35 
U.S.C. 154(b) by 0 days. 

(21) Appl. No.: 09/343,410 

(22) Filed: Jun. 30, 1999 

Related U.S. Application Data 

(60) Provisional application No. 60/095,972, filed on Aug. 10, 
1998, and provisional application No. 60/092,220, filed on 
Jul. 8, 1998. 

(51) Int. CI. 7 H04L 12/28; H04L 12/54 

(52) U.S. CI 370/392; 370/396; 370/428 

(58) Field of Search 709/215, 224, 

709/238, 242, 245; 707/104; 710/52; 370/400, 
402, 392, 257, 401, 465, 466, 467, 396, 
389, 350, 503, 506, 507, 509-510 

(56) References Cited 

U.S. PATENT DOCUMENTS 

5,434,863 A 7/1995 Onishi et at. 
5,555,398 A 9/1996 Raman 
5,644,784 A 7/1997 Peek 

(List continued on next page.) 

FOREIGN PATENT DOCUMENTS 

EP 0 312 917 A 4/1989 

EP 0 465 090 A 1/1992 

EP 0 854 606 A2 7/1998 

(List continued on next page.) 



OTHER PUBLICATIONS 

"Catalyst 8500 CSR Architecture" White Paper, Cisco Sys- 
tems Online, Jul. 1998. 

"Computer Networks", A.S. Tanenbaum, Prentice-Hall Int, 
USA XP002 147300 pp. 309-320, 1988. 

Primary Examiner — Kwang Bin Yao 
Assistant Examiner— Hanh Nguyen 
(74) Attorney, Agent, or Firm — Squire, 
Dempsey L.L.P. 



Sanders & 



(57) 



ABSTRACT 



A network switch for network communications includes a 
first data port interface. The first data port interface supports 
a plurality of data ports transmitting and receiving data at a 
first data rate. A second data port interface is provided; the 
second data port interface supports a plurality of data ports 
transmitting and receiving data at a second data rate. A CPU 
interface is provided, with the CPU interface configured to 
communicate with a CPU. An internal memory is provided, 
and communicates with the first data port interface and the 
at least one second data port interface. A memory manage- 
ment unit is provided, and includes an external memory 
interface for communicating data from at least one of the 
first data port interface and the second data port interface and 
an external memory. A communication channel is provided, 
with the communication channel communicating data and 
messaging information between the first data port interface, 
the second data port interface, the internal memory, and the 
memory management unit. A plurality of semiconductor- 
implemented lookup tables are provided, ,-withthe lookups 
tables Jnclujiingjm^ lookup/layer three / 

(lookup, rules tables, and VLAN tables. jdnTof the dalaport 
Unterfaces~is~configured to"update~the address resolution 
table based on newly learned layer to addresses. An update 
to an address table associated with an initial data port 
interface of the first and second data port interfaces results 
in the initial data port interface sending a synchronization 
signal to the other address resolution tables in the network 
switch. As a result, all address resolution tables on the 
network switch are synchronized on a per entry basis. 
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ABSTRACT 



t.of 



A flexible, policy-based, mechanism for managing, 
monitoring, and prioritizing traffic within a network and 
allocating bandwidth to achieve true quality of service 
(QoS) is provided. According to one aspect of the present 
invention, a method is provided for managing bandwidth 
allocation in a network that employs a non-deterministic 
access protocol, such as an Ethernet network. A packet 
forwarding device receives information indicative.of.a.set.o; 
traffic.. groups, such as^_a_MAC_address, or[lEEE 802, 
[priority ingj£5^of 802.1_Q frame tag , if the Q oS"policv~is 
based upon individual statioiTapplications; or a physical port 
if the QoS policy is based purely upon topology. The packet 
forwarding device additionally receives bandwidth param- 
eters corresponding to the traffic groups. After receiving a 
packet associated with one of the traffic groups on a first 
port, the packet forwarding device schedules the packet for 
transmission from a second port based upon bandwidth 
parameters corresponding to the traffic group with which the 
packet is associated. According to another aspect of the 
present invention, a method is provided for managing band- 
width allocation in a packet forwarding device. The packet 
forwarding device receives information indicative of a set of 
traffic groups. The packet forwarding device additionally 
receives information defining a QoS policy for the traffic 
groups. After a packet is received by the packet forwarding 
device, a traffic group with which the packet is associated is 
identified. Subsequently, rather than relying on an end-to- 
end signaling protocol for scheduling, the packet is sched- 
uled for transmission based upon the QoS policy for the 
identified traffic group. 
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[57] ABSTRACT 

The present invention is directed to a system and method of 
sending packets between ports on trunked network switches. 
The method includes providing a first switch having a 
plurality of communication ports thereupon, and providing 
a second switch having a plurality of communication ports 
thereupon. A trunk connection is provided between the first 
switch and the second switch, with the trunk connection 
including at least two of the plurality of ports from the first 
switch being connected to at least two of the plurality of 
ports of the second switch. A rules table is provided, defining 
a set of rules identifying which port of the trunk connection 
will be used for communication. A packet is sent from a first 
port on the first switch to a second port on the second switch. 
The packet is received at an ingress submodule of the first 
switch, and a lookup is performed on one of a source address 
and a destination address of the packet based upon a lookup 
table provided in the ingress submodule. It is then identified 
that the first switch and second switch are connected with the 
trunk connection by a trunk bit in a lookup entry matched by 
the destination a HHressT A m les t« g hit i n the lookup entry is 
then identified, and the rules tag P it is then compared to a 
rules table defining which,trunk port of the trunk bundle will 
be used for communication. The rules tag determines which 
address bits will be used to identify a trunk port for com- 
munication. The packet is then forwarded to the destination 
address on the identified trunk port. The packet is then stored 
in memory, and then retrieved from memory with an egress 
unit. The egress unit then forwards the packet to the iden- 
tified trunk port. 
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ABSTRACT 



A method and apparatus for providing hardware-assisted 
CPU access to a forwarding database is described. Accord- 
ing to one aspect of the present invention, a switch fabric 
provides access to a forwarding database on behalf of a 
processor. The switch fabric includes a memory access 
interface configured to arbitrate access to a forwarding 
database memory. The switch fabric also includes a search 
engine coupled to the memory access interface and to 
multiple input ports. The search engine is configured to 
schedule and perform accesses to the forwarding database 
memory and to transfer forwarding decisions retrieved 
therefrom to the input ports. The switch fabric further 
includes command execution logic that is configured to 
interface with the processor for performing forwarding 
database accesses requested by the processor. According to 
another aspect of the invention one or more commands are 
provided to implement the following functions: (1) learning 
a supplied address; (2) reading associated data correspond- 
ing to a supplied search key; (3) aging forwarding database 
entries; (4) invalidating entries; (5) accessing mask data, 
such as mask data that may be stored in a mask per bit 
(MPB) content addressable memory (CAM), corresponding 
to a particular search key; (6) replacing forwarding database 
entries; and (7) accessing entries in the forwarding database. 

23 Claims, 9 Drawing Sheets 



FORWARDING 
AND FILTERING 
DATABASE 

140 



CPU 
161 



SWITCH FABRIC 
210 



CPU INTERFACE 
215 



NETWORK 
INTERFACE 



SHARED MEMORY 
MANAGER 



CASCADING 
INTERFACE 



100 



TO 
NETWORK 



TO ONE 
OR MORE 
OTHER 
SWITCH 
ELEMENTS 



SHARED 
MEMORY 



07/22/2004, EAST version: 1.4.1 



(i9) United States 
(12) Patent Application Publication 

Cathey et al. 




(io) Pub. No.: US 2002/0085560 Al ftekth 
(43) Pub. Date; Jul. 4, 2002 / 



(54) PROGRAMMABLE PACKET PROCESSOR 
WITH FLOW RESOLUTION LOGIC 

(76) Inventors: Jim Cathey, Greenacres, WA (US); 

Timothy S. Mlchels, Greenacres, WA 
(US) 

Correspondence Address: 
CHRISTIE, PARKER & HALE, LLP 
350 WEST COLORADO BOULEVARD 
SUITE 500 

PASADENA, CA 91105 (US) 

(21) Appl. No.: 09/751,194 

(22) Filed: Dec. 28, 2000 

Related U.S. Application Data 

(63) Non-provisional of provisional application No. 
60/206,617, filed on May 24, 2000. Non-provisional 
of provisional application No. 60/206,996, filed on 
May 24, 2000. Non-provisional of provisional appli- 
cation No. 60/220,335, filed on Jul. 24, 2000. 

Publication Classification 

(51) Int. CI. 7 H04L 12/28; H04L 12/56 

(52) U.S. CI 370/392; 370/465 



(57) 



ABSTRACT 



A programmable packet switching controller has a packet 
r buffer , a_pattem-match module, a programmable \packet 
^classification enginejano^an_application enginej^e_paclcet 
buffer storesMnbound packets, and includes-a^header^data^ 
extractor to extract header data from the inbound packets 
and to store the extracted headerdatajn.a.header_da ta cac he.^ 
The header data extractor also generates a header data cache/ 
index and provides it^tolhe packet classification engine for 
it to retrieve the extracted-header data. The packet classifi- 
cation engine has a decision tree -based classification logic 
for classifying^a_ packet. Each of the leaves of the tree 
represents^ packet classification^The packet classification 
engine uses-the -header-data - cache_index^tqj"etrieve the 
header data to peTf61ra"multiple"header checks, starting at a 
root of the tree and traversing branches until a leaf has been 
reached. The application engine has a number of program- 
mable sub-engines arrayed in a pipeli ned architec ture. The 
packet classification engine provides^start indicators^ based 
on the packet classification to the programmable sub-en- 
gines to identify application programs to be executed.JThe 
sub^ngines- in eludes a source lookup engine,^a~destination 
\bokup engine^ and a disposition engine,„which:are_usedlto^ 
make "a" disposition decision for the inbound packets in a 
processing pipeline. The pattern match module is used to' 
compare the packet to a pre-defined pattern in order to 
provide a disposition recommendation. 
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(57) ABSTRACT 

A switch includes a backplane and multiple packet proces- 
sors. One or more packet processors include multi-level 
policing logic. The packet processor receives a packet and 
^classifies the packet into multiple policeable groups. The 
packet is compared against bandwidth contracts defined for 
the policeable groups. Nested lookups are performed for the 
packet in a policing database to identify the multiple groups 
and to retrieve policing data for the multiple policeable 
groups. The policing results, which may be combined into a 
single policing result by taking the worst case policing 
result, are applied to disposition logic as recommendations, 
and are combined with other disposition recommendations 
to make a disposition decision for the packet. 
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ABSTRACT 



C Cj 

System and method in a nejwcj^pjpcessor for performing^ 
cut-through forwarding ofjLANE packets! without incurring 
the overhead associated with' LANE protocol stack assisted 
routing. A content addressable memory (CAM) stores LEC 
uplink information including mapping between MAC des- 
tinatioi>addresses } and VCC information. T he .network pro - 
c essor Al so store* LEC information tabl e^oryc ^responcim g 
VLAN~identifier s /andf LECs, Ihe LEC information table 
includes LliC ID informationfor t he VLAN ID . For a LANE 
packet received from EtherneLrand outbound to ATM dest i- 
na tion, t he network processonaetermines me LEC ID for the 
placket and then performs a GEAM lookupfto determine VCC 
information for the packet. The packet is then forwarded 
using the LEC ID and VCC information. For a LANE packet 
received from an ATM source and outbound to the Ethernet, 
the network processor determines the interface address of 
the packet. Based on the interface address, the network 
processor determines if the packet is a echoed or loopback 
packet or if its destination is the network processor itself. 
The packet is then routed to via the Ethernet if it is not a 
loopback or echo packet and the destination is not the 
network processor. 
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ABSTRACT 



A method and systemis provided jn .which data packets-from 
multiple customer VLANs are forwarded over a MAN using 7 
VLAN aggregation. A layer-2 switch located at the edge of"" 
the"MAN connects the customer VLANs to the MAN. The 
edge switch aggregates multiple customer VLANs (the 
"sub-VLANs") into one provider VLAN (the "super- 
VLAN"). When a packet is forwarded from the sub-VLAN 
to the super- VLAN and vice versa, the edge switch uses 
modified bridge forwarding rules to exchange the customer- 
configured VLAN-IDs with the provider-configured VLAN- 
IDs before transporting the packet over the MAN. The edge 
switch further uses modified bridge media access control 
(MAC) address learning rules to isolate one customer's 
traffic from another's (i.e. isolate one sub-VLAN's traffic 
from another sub-VLAN's traffic). 
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(57) ABSTRACT 

Sshared spanning tree protocol (SSTP^creates a plurality of 
spanning trees (i:e;,~ loop-free paths) which are shared among 
one or more virtual local area network (VLAN) designations 
for data transmission within a computer network. Each 
shared spanning tree includes and is defined by a primary 
VLAN and may be associated with one or more secondary 
VLANs. In order to associate VLAN designation(s) with a 
single shared spanning tree, network devices exchange 
novel shared spanning tree protocol data units (SST-PDUs). 
Each SST-PDU corresponds to a given pri mary VLAN and 
preferably includes one or more fields which fist the sec- 
ondary VLAN designations associated with the given pri- 
mary VLAN. The associati on of VLAN designation s to 
shared spanning trees, moreover, preferably depends on 
which path traffic is to follow as well as the anticipated load 
characteristics of the va rious VLAN s. The association of 
VLAN designations to shared spanning trees thus provides 
a degree ofjoad balancing within th e network. Da ta mes- 
sages tagged with a particular VLAN designationjare then 
distributed by the devices only along the shared spanning 
tree to which that VLAN has been associated by SSTP. 
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A network switch confi gured-for switching data packets 
across multiple ports uses - an address table to generated 
frame forwarding-information. The switch receives frame 
information including a source address and_destination_ 
address along withA virtual local area networll (VLAN) ID, 
if applicable. A decision-making engine searches a network 
address table to "learn" Medium Access Control (MAC) 
addresses without having to store receive port numbers by 
embedding the receive port number in the stored port vector 
fields. 
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